GitOps architecture of graylog components

Hi, I would like to implement a GitOps architecture of graylog internal components (i.e. streams, inputs, dashboards, etc.) and configure all the components through some sort of configuration file which can be saved in git. Regarding to graylog components, the closest thing I know about is content packs, which can save me all the components to a JSON file. However, as it seems, I can’t update it by modifying this JSON file and triggering a refresh API endpoint (I can only update the content packs but I have to provide the new configuration in the API request which can be quite handy rather than just reading from file).

Is there some other way to address this issue or some other workaround for it? I want to be able to control and update the state of each group tenant components (stream and input for each group) in git, and modifying it in case of some sort of a change.

Thank you all for your help!

Unfortunately the only way to do something like this is to write an application that can translate a config file into actionable API commands and interact with graylog with the API.

Is your goal to track all changes in graylog via git?

Hello, and thank you for the reply.

Yes, I would like to track the changes in git as much as possible.
I want to use Graylog as a central logging tool for all my customers. Each customer is a tenant and it’s logs should be separated from all other tenants. What I have in mind is creating a stream, index and perhaps an input for each tenant, so each tenant has access only to the assigned stream, and doing so only with the UI makes it hard to track changes among all the tenants. Because of that, my team decided that like our other services, we would like to track the changes inside Graylog using git (as much as possible). What I had in mind is creating the content packs and indexes as JSON objects in git and as you said use a config-reloader (like git-sync) to apply the changes through API requests.

Is this approach is the best practice for my use case?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.